Data privacy week: What the experts want you to know

As digitalization increasingly becomes a bigger part of everyday life, how can we maintain our personal privacy online? The experts share their top tips

January 24, 2023

Privacy empowers people to have choice, transparency, and ultimately greater control over how their data is collected and used. The landscape of global privacy laws is complex and constantly evolving, and laws such as the GDPR, CPRA, and LGPD place strict requirements on businesses and grant new rights to individuals. Research conducted by Ponemon Institute shows that 79% of internet users around the world feel they have lost control over their personal data. And with technology outpacing legislation, how do you protect your personal data?

Your data is valuable to platforms, companies, and criminals. Thanks to the news cycle and the year-over-year increase in online criminal activity, most individuals are aware of data breaches. But where does all the leaked information end up? Usually for sale on the Dark Web. In 2022, a criminal could purchase 10 million USA email addresses for an average of $120. So, while online crime may be top of mind when you consider your personal data, they’re not your only threat. Even the companies you trust may collect your data in ways you’re not comfortable with.

Some companies use consumer data to customize customer experiences and strengthen marketing strategies. But they may also sell data for revenue. This tactic, known as Data Harvesting, is perfectly legal. Data Harvesting refers to collecting information from various sources (websites, apps, social media platforms, etc.) into a database where it’s packaged and sold.

Privacy sounds like a professional buzzword but in 2023, the US will see five state privacy laws come into effect and many other countries are following suit.

“Business data has lots of parties that might need various levels of access, different aggregations of the data, and different purposes. What is ok and not ok for professional data depends a lot on the context of how it’s being used,” explains Blake Brannon, Chief Strategy Officer at OneTrust. “Privacy is complex and can be high risk for businesses. Understanding how data is used, protected, and accessed is something your company dictates.”


How can you manage your privacy in the age of digitalization?

Life outside the cubicle is no privacy cakewalk. Technology has become embedded in almost everything we touch. From doorbells to appliances, smart home devices in the US have been on the rise for years. Already in 2023, as many as 60.4 million households in the US are actively using smart home devices.

“Smart Home devices are becoming increasingly common. They include CCTV cameras, virtual assistants, smart doorbells with embedded cameras, virtual security systems, and even wi-fi connected robot vacuums,” describes Fabrizio Venturelli, Global DPO at Workday. “It’s important to be aware that these devices are capable of processing large amounts of personal information that may be yours, your guests, or even people walking in proximity to your house. With this in mind, use them responsibly and set them up to be as least intrusive as possible of your and others’ privacy.”

Sometimes setting up these devices is more complicated than we realize and something as harmless as a vacuum can invade your privacy. It was recently reported that a Roomba recorded a woman on the toilet and the screenshots ended up on Facebook. As users, it’s our responsibility to read the fine print when agreeing to the terms and conditions. Perhaps you unknowingly agreed to let your smart devices monitor you, or someone is where they shouldn’t be.

“Make sure the software and security features are updated on all your smart home devices. Doorbell cameras, phones, WIFI, smart TVs, laptops—anything in your house connected to the internet needs to be secure. Any one of these devices could have security vulnerabilities that could allow someone in. Always install updates as soon as they are released,” advises Tim Mullen, Chief Information Security Officer at OneTrust.

Trustworthy companies often provide a notice explaining the connection between the app functionality and the permission before asking for access, and you can use this text to make an informed decision. You should know why a device is asking for specific permissions and deny the permission if it is not important for your usage.


You have the power to take control of your personal information

The power to control vast amounts of personal data lies in the palm of our hands. Your phones and tablets contain a tremendous amount of detail about you such as where you go, what you do, who you spend time with, and how much is in your bank account. Therefore, it’s critical you safeguard your device.

“When it comes to data privacy, I maintain a work phone and a personal phone to ensure my employer cannot snoop on my personal life,” Ryan O’Leary, Research Director, Privacy and Legal Technology at IDC shares. “Further, I ensure the GPC (Global Privacy Control) is enabled on every browser I use to prevent unwanted tracking.”

But it isn’t just in the office or the comfort of your own home that you should be considering your privacy. Accessing your device in public places can also put yours, and others, privacy at risk.

“I regularly find myself answering emails or working on documents during the commute. My two privacy tips for fellow commuters—avoid using public wi-fi on buses or trains and get a privacy screen for your laptop,” shares Natalija Bitiukova, Data Protection Officer at IKEA Group. “Both are important for preventing wandering eyes from sneaking a peek at all the personal data and business information which is meant to be kept confidential.”

Andrew Clearwater, Chief Trust Architect at OneTrust agrees with Bitukova and explains how to use lock screen strategically.

“Alerts on lock screens can be very handy but for a privacy-protective approach, only allow generic information like the weather in this area to pop up. Make sure that email and messaging alerts and similarly sensitive data are not shown there.”

When commuting or traveling it’s always imperative to be aware of your surroundings for safety reasons. But we often don’t make the mental connection to how being aware of our surroundings can impact our privacy.

Chris Horan, Privacy Manager at Silicon Valley Bank said, “I do not wear any company logos, nor do I have any luggage tags when I travel. I also make sure no one can see my boarding pass or my laptop when working outside of the office.”


Simple tips for staying safe on social media

Let’s face it, the urge to post insta-perfect pics or creatively curated reels of trips, dogs, and kids is strong. Social media platforms allow us to invite friends and family to experience life’s intimate moments, regardless of location. It is this feeling of connection that often lulls us into a false sense of security. Do you know every single one of your social media followers? A report from 2021 found that only 22% of respondents knew all of their followers on all platforms. This is particularly worrisome regarding your personal data and that of your friends and family.

“Security settings and disclosure limitations on social media are important. Your posts can be seen even if your own security settings are set to private,” Oxana Iatsyk, Privacy Officer at Walmart Canada warns.

This makes broadcasting your milestone moments risky. And while we want to share exciting news, when was the last time you stopped to ask permission before posting pictures or videos of your loved ones?

Simply keeping business trips and vacations off social media until you’ve returned safe and sound is an easy privacy life hack. No one needs to know you are out of town and your home is empty. A 2022 study found that 60% of burglary victims were active on social media. Keep your whereabouts private by not tagging locations or sharing pictures if you’re still out of town.


Are you protecting your children’s online privacy?

Three-quarters of parents have shared content of their children or stepchildren on social media and less than a quarter of guardians always get their children’s consent. A third never even ask for their permission.

“Sharenting means that social media users share their own lives and those of their children, grandchildren, nephews, nieces, or other children. The special focus and increased interest seem to lie with young children, perhaps precisely because they are not yet asking any uncomfortable questions about the whereabouts of the photographic material or because society is more interested in young children,” explains Jutta Oberlin, Program Manager International Data Transfers & Privacy Regulatory Engagement at Google. “A big privacy red flag for me is posting pictures of minors in private situations online—even if they cannot talk, they have the right to privacy.”

According to Australia’s National Children’s Commissioner Anne Hollonds, a child born in 2023 will have 72 million pieces of their personal data collected and stored on the internet by the time they are 13. It’s an astronomical number to wrap one’s head around considering pre-teens haven’t even received a social security number yet. But over 50% of pregnant women use pregnancy apps meaning that data harvesting could commence when a child is conceived.

Adults can do a lot to protect children’s privacy regardless of their age by setting data privacy boundaries. As a parent or guardian, taking the time to comb through settings is a simple proactive approach to protecting the privacy of minors. Make sure local tracking is turned off within their apps and enable parental controls. Many apps and sites do not have age filtering so it’s best to check your child’s phone often and use those parental controls to approve any app downloaded to the device.

And for older kids, a gentle reminder that the internet lives forever, can’t hurt.

“Never forget the newspaper test. I tell my kids this all the time. Whatever you do, remember that in this digital age, it is almost always public in some form. A Facebook story, Snapchat post, TikTok video—the forum doesn’t matter. Once it is digital, it lives forever. Would you feel comfortable if that picture or story showed up on the front page of your local, real, or virtual, newspaper? If not, don’t do it. Do they listen to me? Of course not. But, hey, at least I tried!” clarifies Ojas Rege, General Manager, Privacy & Data Governance at OneTrust.

And it’s not just children we should be educating, the older generations – where tech literacy it typically lower – should be taken into account when we think about protecting ourselves online. Protecting your privacy is complex and conversations with loved ones are always helpful explains Linda Thielova, Head of the Privacy Center of Excellence and Data Protection Officer at OneTrust.

“I have regular informal data and tech Q&As with my parents. While it may require patience on both sides, it helps them to understand that not all data sharing is nefarious. It’s also valuable for me personally because it shows me how much more we need to do as an industry to be inclusive and transparent about data practices toward everyone, especially older folks like my parents.”


Protecting your privacy: The final word

The effects of the COVID-19 pandemic have repeatedly proven that people and their personal information are targets and it’s important that individuals take an active role in safeguarding intimate information online.

Rather than just unsubscribing from emails, contact a company’s privacy rights center (typically in the footer of a site) and request they delete your account and all personal data.

Know what a strong password looks like – think numbers, symbols, upper and lowercase, and avoid common words and phrases – and remember to use unique passwords on different platforms through a password manager.

Reduce your use of public, unsecured Wi-Fi and, because safer data benefits everyone, always get consent from friends, family, and children before sharing on social media.

After all, your privacy matters and there are several different ways you can take a proactive approach to promoting strong privacy practices for you and your family.

You may also like


Privacy Management

Managing data transfers within the UK & EU

Join our experts as we discuss ways to effectively manage data transfers between the UK & EU while staying compliant with the latest privacy regulations.

October 31, 2023

Learn more


Data Discovery & Security

A guided tour of OneTrust Data Discovery magic

Our expert speaker will demonstrate how common real-world data challenges can be identified, addressed, and reported on, leading to better data governance, security, and alignment with business goals. 

October 26, 2023

Learn more


Data Discovery & Security

Data minimization and risk assessment in data discovery

Explore the concept of data minimization and its crucial role in enhancing security, privacy, and reducing risk.

October 19, 2023

Learn more